--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please reduce flatpak's time delay, or unblock it:
unblock flatpak/0.8.2-1
Shortly before the soft freeze, flatpak upstream introduced a new stable
branch 0.8.x, which I hope will be minimal enough to use as a source for
future stable updates if needed.
0.8.1 has been in testing for 7 days without new bug reports, but 0.8.2
was released today to fix a gap in the sandboxing. flatpak will need to
migrate together with bubblewrap, which was uploaded at the same
time as flatpak 0.8.1: they have a Breaks/Depends pair to ensure that
CVE-2017-5226 does not come back (responsibility for preventing it was
moved from bubblewrap to flatpak to fix a functional regression in the
version currently in testing).
The attached debdiff was filtered to exclude:
- Autotools noise (configure, Makefile.in, aclocal.m4)
- prebuilt HTML documentation (gtk-doc)
- the bundled copy of bubblewrap (we use the system version in Debian)
- dropped patches in debian/patches (they were applied upstream)
- translation updates
Regards,
S
-- System Information:
Debian Release: 9.0
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
debdiff --exclude=configure --exclude=\*.patch --exclude=\*.html --exclude=aclocal.m4 --exclude=bubblewrap --exclude=po --exclude=Makefile.in flatpak_0.8.0-1.dsc flatpak_0.8.2-1.dsc
diffstat for flatpak-0.8.0 flatpak-0.8.2
Makefile.am | 7
NEWS | 56 ++
app/flatpak-builtins-build.c | 8
app/flatpak-builtins-install.c | 2
app/flatpak-builtins-list.c | 2
app/flatpak-main.c | 4
app/flatpak-transaction.c | 23
builder/builder-main.c | 2
builder/builder-manifest.c | 9
builder/builder-source-bzr.c | 2
builder/builder-source.c | 2
common/flatpak-dir.c | 9
common/flatpak-dir.h | 1
common/flatpak-json.c | 7
common/flatpak-oci-registry.c | 8
common/flatpak-run.c | 258 +++++++---
common/flatpak-run.h | 1
common/flatpak-utils.c | 30 -
common/flatpak-utils.h | 1
configure.ac | 18
debian/changelog | 48 +
debian/control | 2
debian/patches/series | 2
debian/tests/builder-python | 6
debian/tests/control | 9
debian/tests/gnome-desktop-testing | 4
doc/flatpak-builder.xml | 2
doc/flatpak-flatpakref.xml | 4
doc/flatpak-flatpakrepo.xml | 4
document-portal/xdp-fuse.c | 67 +-
lib/flatpak-installation.c | 2
lib/flatpak-version-macros.h | 2
permission-store/xdg-permission-store.c | 2
session-helper/flatpak-session-helper.c | 4
system-helper/Makefile.am.inc | 2
system-helper/flatpak-system-helper.c | 2
system-helper/flatpak-system-helper.service.in | 1
system-helper/org.freedesktop.Flatpak.SystemHelper.service.in | 1
tests/Makefile.am.inc | 2
tests/libtest.sh | 8
tests/make-test-app.sh | 3
tests/make-test-runtime.sh | 3
tests/package_version.txt | 2
tests/test-builder.sh | 2
tests/test-bundle.sh | 22
tests/test-extensions.sh | 19
tests/test-oci.sh | 30 +
tests/test-run.sh | 16
tests/testlibrary.c | 7
49 files changed, 570 insertions(+), 158 deletions(-)
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/app/flatpak-builtins-build.c flatpak-0.8.2/app/flatpak-builtins-build.c
--- flatpak-0.8.0/app/flatpak-builtins-build.c 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/app/flatpak-builtins-build.c 2017-01-27 09:50:41.000000000 +0000
@@ -85,6 +85,7 @@
g_autoptr(FlatpakContext) app_context = NULL;
gboolean custom_usr;
g_auto(GStrv) runtime_ref_parts = NULL;
+ FlatpakRunFlags run_flags;
context = g_option_context_new (_("DIRECTORY [COMMAND [args...]] - Build in directory"));
g_option_context_set_translation_domain (context, GETTEXT_PACKAGE);
@@ -180,9 +181,12 @@
"--lock-file", "/usr/.ref",
NULL);
+ run_flags = FLATPAK_RUN_FLAG_DEVEL | FLATPAK_RUN_FLAG_NO_SESSION_HELPER;
+ if (custom_usr)
+ run_flags |= FLATPAK_RUN_FLAG_WRITABLE_ETC;
+
if (!flatpak_run_setup_base_argv (argv_array, NULL, runtime_files, NULL, runtime_ref_parts[2],
- FLATPAK_RUN_FLAG_DEVEL | FLATPAK_RUN_FLAG_NO_SESSION_HELPER,
- error))
+ run_flags, error))
return FALSE;
/* After setup_base to avoid conflicts with /var symlinks */
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/app/flatpak-builtins-install.c flatpak-0.8.2/app/flatpak-builtins-install.c
--- flatpak-0.8.0/app/flatpak-builtins-install.c 2016-12-20 15:26:38.000000000 +0000
+++ flatpak-0.8.2/app/flatpak-builtins-install.c 2017-01-24 08:54:11.000000000 +0000
@@ -354,7 +354,7 @@
if (!handle_runtime_repo_deps_from_keyfile (dir, file_data, error))
return FALSE;
- if (!flatpak_dir_create_remote_for_ref_file (dir, file_data, &remote, &ref, error))
+ if (!flatpak_dir_create_remote_for_ref_file (dir, file_data, opt_arch, &remote, &ref, error))
return FALSE;
/* Need to pick up the new config, in case it was applied in the system helper. */
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/app/flatpak-builtins-list.c flatpak-0.8.2/app/flatpak-builtins-list.c
--- flatpak-0.8.0/app/flatpak-builtins-list.c 2016-12-19 09:06:18.000000000 +0000
+++ flatpak-0.8.2/app/flatpak-builtins-list.c 2017-01-27 09:50:24.000000000 +0000
@@ -210,7 +210,7 @@
if (strcmp (parts[0], "app") == 0)
{
- g_autofree char *current;
+ g_autofree char *current = NULL;
current = flatpak_dir_current_ref (dir, parts[1], cancellable);
if (current && strcmp (ref, current) == 0)
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/app/flatpak-main.c flatpak-0.8.2/app/flatpak-main.c
--- flatpak-0.8.0/app/flatpak-main.c 2016-12-19 09:05:13.000000000 +0000
+++ flatpak-0.8.2/app/flatpak-main.c 2017-01-27 09:50:24.000000000 +0000
@@ -174,7 +174,7 @@
gboolean is_error)
{
GOptionContext *context;
- g_autofree char *help;
+ g_autofree char *help = NULL;
context = flatpak_option_context_new_with_commands (commands);
@@ -344,7 +344,7 @@
if (!command->fn)
{
GOptionContext *context;
- g_autofree char *help;
+ g_autofree char *help = NULL;
context = flatpak_option_context_new_with_commands (commands);
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/app/flatpak-transaction.c flatpak-0.8.2/app/flatpak-transaction.c
--- flatpak-0.8.0/app/flatpak-transaction.c 2016-12-20 15:26:38.000000000 +0000
+++ flatpak-0.8.2/app/flatpak-transaction.c 2017-01-24 08:54:11.000000000 +0000
@@ -419,8 +419,11 @@
/* Update if in same dir */
if (dir_ref_is_installed (self->dir, full_runtime_ref, &runtime_remote))
{
- flatpak_transaction_add_op (self, runtime_remote, full_runtime_ref, NULL, NULL, NULL,
- FLATPAK_TRANSACTION_OP_KIND_UPDATE);
+ FlatpakTransactionOp *op;
+ g_debug ("Updating dependent runtime %s", full_runtime_ref);
+ op = flatpak_transaction_add_op (self, runtime_remote, full_runtime_ref, NULL, NULL, NULL,
+ FLATPAK_TRANSACTION_OP_KIND_UPDATE);
+ op->non_fatal = TRUE;
}
}
}
@@ -447,6 +450,7 @@
const char *pref;
g_autofree char *remote_metadata = NULL;
g_autoptr(GKeyFile) metakey = NULL;
+ g_autoptr(GError) local_error = NULL;
pref = strchr (ref, '/') + 1;
@@ -466,7 +470,7 @@
}
remote = origin;
}
- else
+ else if (kind == FLATPAK_TRANSACTION_OP_KIND_INSTALL)
{
g_assert (remote != NULL);
if (dir_ref_is_installed (self->dir, ref, NULL))
@@ -477,9 +481,16 @@
}
}
- if (metadata == NULL && remote != NULL &&
- flatpak_dir_fetch_ref_cache (self->dir, remote, ref, NULL, NULL, &remote_metadata, NULL, NULL))
- metadata = remote_metadata;
+ if (metadata == NULL && remote != NULL)
+ {
+ if (flatpak_dir_fetch_ref_cache (self->dir, remote, ref, NULL, NULL, &remote_metadata, NULL, &local_error))
+ metadata = remote_metadata;
+ else
+ {
+ g_print ("Warning: Can't find dependencies: %s\n", local_error->message);
+ g_clear_error (&local_error);
+ }
+ }
if (metadata)
{
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/builder/builder-main.c flatpak-0.8.2/builder/builder-main.c
--- flatpak-0.8.0/builder/builder-main.c 2016-12-19 13:53:59.000000000 +0000
+++ flatpak-0.8.2/builder/builder-main.c 2017-01-19 14:33:30.000000000 +0000
@@ -200,7 +200,7 @@
g_autoptr(GFileEnumerator) dir_enum2 = NULL;
GFileInfo *next = NULL;
const char *platform_id = NULL;
- g_autofree char **orig_argv;
+ g_autofree char **orig_argv = NULL;
gboolean is_run = FALSE;
gboolean is_show_deps = FALSE;
gboolean app_dir_is_empty = FALSE;
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/builder/builder-manifest.c flatpak-0.8.2/builder/builder-manifest.c
--- flatpak-0.8.0/builder/builder-manifest.c 2016-11-28 11:24:52.000000000 +0000
+++ flatpak-0.8.2/builder/builder-manifest.c 2017-01-27 09:50:24.000000000 +0000
@@ -906,14 +906,19 @@
{
const char *module_path = json_node_get_string (element_node);
g_autofree char *json = NULL;
+ g_autoptr(GError) error = NULL;
- if (g_file_get_contents (module_path, &json, NULL, NULL))
+ if (g_file_get_contents (module_path, &json, NULL, &error))
{
module = json_gobject_from_data (BUILDER_TYPE_MODULE,
- json, -1, NULL);
+ json, -1, &error);
if (module)
builder_module_set_json_path (BUILDER_MODULE (module), module_path);
}
+ if (error != NULL)
+ {
+ g_error ("Failed to load included manifest (%s): %s", module_path, error->message);
+ }
}
else if (JSON_NODE_HOLDS_OBJECT (element_node))
module = json_gobject_deserialize (BUILDER_TYPE_MODULE, element_node);
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/builder/builder-source-bzr.c flatpak-0.8.2/builder/builder-source-bzr.c
--- flatpak-0.8.0/builder/builder-source-bzr.c 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/builder/builder-source-bzr.c 2017-01-19 14:33:30.000000000 +0000
@@ -245,7 +245,7 @@
BuilderContext *context)
{
BuilderSourceBzr *self = BUILDER_SOURCE_BZR (source);
- g_autofree char *current_commit;
+ g_autofree char *current_commit = NULL;
g_autoptr(GError) error = NULL;
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/builder/builder-source.c flatpak-0.8.2/builder/builder-source.c
--- flatpak-0.8.0/builder/builder-source.c 2016-11-28 11:24:52.000000000 +0000
+++ flatpak-0.8.2/builder/builder-source.c 2017-01-19 14:33:30.000000000 +0000
@@ -264,7 +264,7 @@
{
BuilderSourceClass *class;
- g_autoptr(GFile) real_dest;
+ g_autoptr(GFile) real_dest = NULL;
class = BUILDER_SOURCE_GET_CLASS (self);
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-dir.c flatpak-0.8.2/common/flatpak-dir.c
--- flatpak-0.8.0/common/flatpak-dir.c 2016-12-20 15:27:47.000000000 +0000
+++ flatpak-0.8.2/common/flatpak-dir.c 2017-01-24 08:54:11.000000000 +0000
@@ -2603,7 +2603,7 @@
{
gboolean ret = FALSE;
- g_autoptr(GFile) base;
+ g_autoptr(GFile) base = NULL;
g_autoptr(GFileEnumerator) dir_enum = NULL;
g_autoptr(GFileInfo) child_info = NULL;
GError *temp_error = NULL;
@@ -6635,6 +6635,7 @@
gboolean
flatpak_dir_create_remote_for_ref_file (FlatpakDir *self,
GBytes *data,
+ const char *default_arch,
char **remote_name_out,
char **ref_out,
GError **error)
@@ -6652,7 +6653,7 @@
if (!parse_ref_file (data, &name, &branch, &url, &title, &gpg_data, &is_runtime, error))
return FALSE;
- ref = flatpak_compose_ref (!is_runtime, name, branch, NULL, error);
+ ref = flatpak_compose_ref (!is_runtime, name, branch, default_arch, error);
if (ref == NULL)
return FALSE;
@@ -7282,7 +7283,7 @@
if (cache_v == NULL)
{
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
- _("Data not found"));
+ _("No flatpak cache in remote summary"));
return FALSE;
}
@@ -7291,7 +7292,7 @@
if (res == NULL)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
- _("Data not found for ref %s"), ref);
+ _("No entry for %s in remote summary flatpak cache "), ref);
return FALSE;
}
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-dir.h flatpak-0.8.2/common/flatpak-dir.h
--- flatpak-0.8.0/common/flatpak-dir.h 2016-12-20 15:26:38.000000000 +0000
+++ flatpak-0.8.2/common/flatpak-dir.h 2017-01-24 08:54:11.000000000 +0000
@@ -463,6 +463,7 @@
GError **error);
gboolean flatpak_dir_create_remote_for_ref_file (FlatpakDir *self,
GBytes *data,
+ const char *default_arch,
char **remote_name_out,
char **ref_out,
GError **error);
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-json.c flatpak-0.8.2/common/flatpak-json.c
--- flatpak-0.8.0/common/flatpak-json.c 2016-12-13 14:55:18.000000000 +0000
+++ flatpak-0.8.2/common/flatpak-json.c 2016-12-21 13:20:28.000000000 +0000
@@ -588,10 +588,15 @@
flatpak_json_to_bytes (FlatpakJson *self)
{
g_autoptr(JsonNode) node = NULL;
+ g_autoptr(JsonGenerator) generator = NULL;
char *str;
node = flatpak_json_to_node (FLATPAK_JSON (self));
- str = json_to_string (node, TRUE);
+ generator = json_generator_new ();
+ json_generator_set_pretty (generator, TRUE);
+ json_generator_set_root (generator, node);
+
+ str = json_generator_to_data (generator, NULL);
return g_bytes_new_take (str, strlen (str));
}
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-oci-registry.c flatpak-0.8.2/common/flatpak-oci-registry.c
--- flatpak-0.8.0/common/flatpak-oci-registry.c 2016-12-19 10:15:44.000000000 +0000
+++ flatpak-0.8.2/common/flatpak-oci-registry.c 2017-01-11 23:17:16.000000000 +0000
@@ -297,7 +297,7 @@
return NULL;
}
- return json_node_ref (root);
+ return json_node_copy (root);
}
static gboolean
@@ -1014,6 +1014,12 @@
error))
return NULL;
+ if (fchmod (tmp_fd, 0644) != 0)
+ {
+ glnx_set_error_from_errno (error);
+ return NULL;
+ }
+
a = archive_write_new ();
if (archive_write_set_format_gnutar (a) != ARCHIVE_OK ||
archive_write_add_filter_none (a) != ARCHIVE_OK)
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-run.c flatpak-0.8.2/common/flatpak-run.c
--- flatpak-0.8.0/common/flatpak-run.c 2016-12-13 14:55:18.000000000 +0000
+++ flatpak-0.8.2/common/flatpak-run.c 2017-01-27 09:51:06.000000000 +0000
@@ -26,6 +26,7 @@
#include <unistd.h>
#include <sys/utsname.h>
#include <sys/socket.h>
+#include <sys/ioctl.h>
#include <grp.h>
#ifdef ENABLE_SECCOMP
@@ -92,6 +93,12 @@
"tmp", "etc", "app", "run", "proc", "sys", "dev", "var", NULL
};
+/* We don't want to export paths pointing into these, because they are readonly
+ (so we can't create mountpoints there) and don't match whats on the host anyway */
+const char *dont_export_in[] = {
+ "/lib/", "/lib32/", "/lib64/", "/bin/", "/sbin/", "/usr/", "/etc/", "/app/", NULL
+};
+
typedef enum {
FLATPAK_CONTEXT_DEVICE_DRI = 1 << 0,
FLATPAK_CONTEXT_DEVICE_ALL = 1 << 1,
@@ -562,7 +569,7 @@
{
char *slash;
const char *rest;
- g_autofree char *prefix;
+ g_autofree char *prefix = NULL;
const char *dir = NULL;
gsize len;
@@ -596,7 +603,7 @@
{
char *slash;
const char *rest;
- g_autofree char *prefix;
+ g_autofree char *prefix = NULL;
gsize len;
slash = strchr (filesystem, '/');
@@ -2014,9 +2021,13 @@
static char *
create_proxy_socket (char *template)
{
- g_autofree char *proxy_socket = g_build_filename (g_get_user_runtime_dir (), template, NULL);
+ g_autofree char *proxy_socket_dir = g_build_filename (g_get_user_runtime_dir (), ".dbus-proxy", NULL);
+ g_autofree char *proxy_socket = g_build_filename (proxy_socket_dir, template, NULL);
int fd;
+ if (!glnx_shutil_mkdir_p_at (AT_FDCWD, proxy_socket_dir, 0755, NULL, NULL))
+ return NULL;
+
fd = g_mkstemp (proxy_socket);
if (fd == -1)
return NULL;
@@ -2054,7 +2065,7 @@
else if (dbus_proxy_argv &&
g_hash_table_size (context->system_bus_policy) > 0)
{
- g_autofree char *proxy_socket = create_proxy_socket (".system-bus-proxy-XXXXXX");
+ g_autofree char *proxy_socket = create_proxy_socket ("system-bus-proxy-XXXXXX");
if (proxy_socket == NULL)
return FALSE;
@@ -2105,7 +2116,7 @@
}
else if (dbus_proxy_argv && dbus_address != NULL)
{
- g_autofree char *proxy_socket = create_proxy_socket (".session-bus-proxy-XXXXXX");
+ g_autofree char *proxy_socket = create_proxy_socket ("session-bus-proxy-XXXXXX");
if (proxy_socket == NULL)
return FALSE;
@@ -2186,7 +2197,7 @@
}
add_args (argv_array,
- "--bind", ext->files_path, full_directory,
+ "--ro-bind", ext->files_path, full_directory,
NULL);
if (g_file_test (real_ref, G_FILE_TEST_EXISTS))
@@ -2200,9 +2211,40 @@
return TRUE;
}
+static char *
+make_relative (const char *base, const char *path)
+{
+ GString *s = g_string_new ("");
+
+ while (*base != 0)
+ {
+ while (*base == '/')
+ base++;
+
+ if (*base != 0)
+ g_string_append (s, "../");
+
+ while (*base != '/' && *base != 0)
+ base++;
+ }
+
+ while (*path == '/')
+ path++;
+
+ g_string_append (s, path);
+
+ return g_string_free (s, FALSE);
+}
+
#define FAKE_MODE_HIDDEN 0
#define FAKE_MODE_SYMLINK G_MAXINT
+typedef struct {
+ char *path;
+ int level;
+ guint mode;
+} ExportedPath;
+
static gboolean
path_is_visible (const char **keys,
guint n_keys,
@@ -2216,14 +2258,13 @@
for (i = 0; i < n_keys; i++)
{
const char *mounted_path = keys[i];
- guint mode;
- mode = GPOINTER_TO_INT (g_hash_table_lookup (hash_table, mounted_path));
+ ExportedPath *ep = g_hash_table_lookup (hash_table, mounted_path);
if (flatpak_has_path_prefix (path, mounted_path))
{
- if (mode == FAKE_MODE_HIDDEN)
+ if (ep->mode == FAKE_MODE_HIDDEN)
is_visible = FALSE;
- else if (mode != FAKE_MODE_SYMLINK)
+ else if (ep->mode != FAKE_MODE_SYMLINK)
is_visible = TRUE;
}
}
@@ -2231,33 +2272,47 @@
return is_visible;
}
+static gint
+compare_eps (const ExportedPath *a,
+ const ExportedPath *b)
+{
+ if (a->level == b->level)
+ return g_strcmp0 (a->path, b->path);
+ else
+ return b->level - a->level;
+}
+
static void
add_file_args (GPtrArray *argv_array,
GHashTable *hash_table)
{
guint n_keys;
g_autofree const char **keys = (const char **)g_hash_table_get_keys_as_array (hash_table, &n_keys);
- guint i;
+ g_autoptr(GList) eps = NULL;
+ GList *l;
+
+ eps = g_hash_table_get_values (hash_table);
+ eps = g_list_sort (eps, (GCompareFunc)compare_eps);
g_qsort_with_data (keys, n_keys, sizeof (char *), (GCompareDataFunc) flatpak_strcmp0_ptr, NULL);
- for (i = 0; i < n_keys; i++)
+ for (l = eps; l != NULL; l = l->next)
{
- const char *path = keys[i];
- guint mode;
+ ExportedPath *ep = l->data;
+ const char *path = ep->path;
- mode = GPOINTER_TO_INT (g_hash_table_lookup (hash_table, path));
-
- if (mode == FAKE_MODE_SYMLINK)
+ if (ep->mode == FAKE_MODE_SYMLINK)
{
if (!path_is_visible (keys, n_keys, hash_table, path))
{
g_autofree char *resolved = flatpak_resolve_link (path, NULL);
+ g_autofree char *parent = g_path_get_dirname (path);
+ g_autofree char *relative = make_relative (parent, resolved);
if (resolved)
- add_args (argv_array, "--symlink", resolved, path, NULL);
+ add_args (argv_array, "--symlink", relative, path, NULL);
}
}
- else if (mode == FAKE_MODE_HIDDEN)
+ else if (ep->mode == FAKE_MODE_HIDDEN)
{
/* Mount a tmpfs to hide the subdirectory, but only if
either its not visible (then we can always create the
@@ -2268,9 +2323,11 @@
add_args (argv_array, "--tmpfs", path, NULL);
}
else
- add_args (argv_array,
- (mode == FLATPAK_FILESYSTEM_MODE_READ_ONLY) ? "--ro-bind" : "--bind",
- path, path, NULL);
+ {
+ add_args (argv_array,
+ (ep->mode == FLATPAK_FILESYSTEM_MODE_READ_ONLY) ? "--ro-bind" : "--bind",
+ path, path, NULL);
+ }
}
}
@@ -2279,50 +2336,100 @@
const char *path)
{
guint old_mode;
+ ExportedPath *ep = g_new0 (ExportedPath, 1);
+ ExportedPath *old_ep;
- old_mode = GPOINTER_TO_INT (g_hash_table_lookup (hash_table, path));
- g_hash_table_insert (hash_table, g_strdup (path),
- GINT_TO_POINTER ( MAX (old_mode, FAKE_MODE_HIDDEN)));
-}
+ old_ep = g_hash_table_lookup (hash_table, path);
+ if (old_ep)
+ old_mode = old_ep->mode;
+ else
+ old_mode = 0;
-static void
-add_expose_path (GHashTable *hash_table,
- FlatpakFilesystemMode mode,
- const char *path)
+ ep->path = g_strdup (path);
+ ep->level = 0;
+ ep->mode = MAX (old_mode, FAKE_MODE_HIDDEN);
+ g_hash_table_insert (hash_table, ep->path, ep);
+}
+
+/* We use the level to make sure we get the ordering somewhat right.
+ * For instance if /symlink -> /z_dir is exported, then we want to create
+ * /z_dir before /symlink, because otherwise an export like /symlink/foo
+ * will fail. The approach we use is to just bump the sort prio based on the
+ * symlink resolve depth. This it not perfect, but gets the common situation
+ * such as --filesystem=/link --filesystem=/link/dir right.
+ */
+static gboolean
+_add_expose_path (GHashTable *hash_table,
+ FlatpakFilesystemMode mode,
+ const char *path,
+ int level)
{
+ g_autofree char *canonical = flatpak_canonicalize_filename (path);
struct stat st;
+ int i;
+
+ if (!g_path_is_absolute (path))
+ {
+ g_debug ("Not exposing relative path %s", path);
+ return FALSE;
+ }
+
+ for (i = 0; dont_export_in[i] != NULL; i++)
+ {
+ /* Don't expose files in non-mounted dirs like /app or /usr, as
+ they are not the same as on the host, and we generally can't
+ create the parents for them anyway */
+ if (g_str_has_prefix (canonical, dont_export_in[i]))
+ {
+ g_debug ("skipping export for path %s", canonical);
+ return FALSE;
+ }
+ }
if (lstat (path, &st) != 0)
- return;
+ return FALSE;
if (S_ISDIR (st.st_mode) ||
S_ISREG (st.st_mode) ||
S_ISLNK (st.st_mode) ||
S_ISSOCK (st.st_mode))
{
- guint old_mode;
+ ExportedPath *old_ep = g_hash_table_lookup (hash_table, path);
+ guint old_mode = 0;
- old_mode = GPOINTER_TO_INT (g_hash_table_lookup (hash_table, path));
+ if (old_ep != NULL)
+ old_mode = old_ep->mode;
if (S_ISLNK (st.st_mode))
{
g_autofree char *resolved = flatpak_resolve_link (path, NULL);
- /* Don't keep symlinks into /app or /usr, as they are not the
- same as on the host, and we generally can't create the parents
- for them anyway */
- if (resolved &&
- !g_str_has_prefix (resolved, "/app/") &&
- !g_str_has_prefix (resolved, "/usr/"))
- {
- add_expose_path (hash_table, mode, resolved);
- mode = FAKE_MODE_SYMLINK;
- }
+
+ if (resolved && _add_expose_path (hash_table, mode, resolved, level + 1))
+ mode = FAKE_MODE_SYMLINK;
else
mode = 0;
}
+
if (mode > 0)
- g_hash_table_insert (hash_table, g_strdup (path), GINT_TO_POINTER ( MAX (old_mode, mode)));
+ {
+ ExportedPath *ep = g_new0 (ExportedPath, 1);
+ ep->path = g_strdup (path);
+ ep->mode = MAX (old_mode, mode);
+ ep->level = level;
+ g_hash_table_insert (hash_table, ep->path, ep);
+ return TRUE;
+ }
}
+
+ return FALSE;
+}
+
+static gboolean
+add_expose_path (GHashTable *hash_table,
+ FlatpakFilesystemMode mode,
+ const char *path)
+{
+ return _add_expose_path (hash_table, mode, path, 0);
}
void
@@ -2343,7 +2450,7 @@
GString *xdg_dirs_conf = NULL;
FlatpakFilesystemMode fs_mode, home_mode;
g_autoptr(GFile) user_flatpak_dir = NULL;
- g_autoptr(GHashTable) fs_paths = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);
+ g_autoptr(GHashTable) fs_paths = g_hash_table_new_full (g_str_hash, g_str_equal, NULL, g_free);
if ((context->shares & FLATPAK_CONTEXT_SHARED_IPC) == 0)
{
@@ -2373,6 +2480,13 @@
g_debug ("Allowing dri access");
if (g_file_test ("/dev/dri", G_FILE_TEST_IS_DIR))
add_args (argv_array, "--dev-bind", "/dev/dri", "/dev/dri", NULL);
+ if (g_file_test ("/dev/mali", G_FILE_TEST_EXISTS))
+ {
+ add_args (argv_array,
+ "--dev-bind", "/dev/mali", "/dev/mali",
+ "--dev-bind", "/dev/umplock", "/dev/umplock",
+ NULL);
+ }
if (g_file_test ("/dev/nvidiactl", G_FILE_TEST_EXISTS))
{
add_args (argv_array,
@@ -2554,6 +2668,11 @@
/* This actually outputs the args for the hide/expose operations above */
add_file_args (argv_array, fs_paths);
+ /* Ensure we always have a homedir */
+ add_args (argv_array,
+ "--dir", g_get_home_dir (),
+ NULL);
+
/* Special case subdirectories of the cache, config and data xdg dirs.
* If these are accessible explicilty, in a read-write fashion, then
* we bind-mount these in the app-id dir. This allows applications to
@@ -2573,7 +2692,7 @@
xdg_path = get_xdg_dir_from_string (filesystem, &rest, &where);
if (xdg_path != NULL && *rest != 0 &&
- mode > FLATPAK_FILESYSTEM_MODE_READ_WRITE)
+ mode >= FLATPAK_FILESYSTEM_MODE_READ_WRITE)
{
g_autoptr(GFile) app_version = g_file_get_child (app_id_dir, where);
g_autoptr(GFile) app_version_subdir = g_file_resolve_relative_path (app_version, rest);
@@ -2829,6 +2948,7 @@
g_autoptr(GFile) dir = flatpak_get_data_dir (app_id);
g_autoptr(GFile) data_dir = g_file_get_child (dir, "data");
g_autoptr(GFile) cache_dir = g_file_get_child (dir, "cache");
+ g_autoptr(GFile) tmp_dir = g_file_get_child (cache_dir, "tmp");
g_autoptr(GFile) config_dir = g_file_get_child (dir, "config");
if (!flatpak_mkdir_p (data_dir, cancellable, error))
@@ -2837,6 +2957,9 @@
if (!flatpak_mkdir_p (cache_dir, cancellable, error))
return NULL;
+ if (!flatpak_mkdir_p (tmp_dir, cancellable, error))
+ return NULL;
+
if (!flatpak_mkdir_p (config_dir, cancellable, error))
return NULL;
@@ -2964,7 +3087,7 @@
if (g_file_test (SYSTEM_FONTS_DIR, G_FILE_TEST_EXISTS))
{
add_args (argv_array,
- "--bind", SYSTEM_FONTS_DIR, "/run/host/fonts",
+ "--ro-bind", SYSTEM_FONTS_DIR, "/run/host/fonts",
NULL);
}
@@ -2975,13 +3098,13 @@
if (g_file_query_exists (user_font1, NULL))
{
add_args (argv_array,
- "--bind", flatpak_file_get_path_cached (user_font1), "/run/host/user-fonts",
+ "--ro-bind", flatpak_file_get_path_cached (user_font1), "/run/host/user-fonts",
NULL);
}
else if (g_file_query_exists (user_font2, NULL))
{
add_args (argv_array,
- "--bind", flatpak_file_get_path_cached (user_font2), "/run/host/user-fonts",
+ "--ro-bind", flatpak_file_get_path_cached (user_font2), "/run/host/user-fonts",
NULL);
}
}
@@ -3128,7 +3251,7 @@
NULL, NULL))
{
add_args (argv_array,
- "--bind", monitor_path, "/run/host/monitor",
+ "--ro-bind", monitor_path, "/run/host/monitor",
NULL);
add_args (argv_array,
"--symlink", "/run/host/monitor/localtime", "/etc/localtime",
@@ -3159,7 +3282,7 @@
else
{
add_args (argv_array,
- "--bind", "/etc/localtime", "/etc/localtime",
+ "--ro-bind", "/etc/localtime", "/etc/localtime",
NULL);
}
}
@@ -3167,7 +3290,7 @@
if (g_file_test ("/etc/resolv.conf", G_FILE_TEST_EXISTS))
{
add_args (argv_array,
- "--bind", "/etc/resolv.conf", "/etc/resolv.conf",
+ "--ro-bind", "/etc/resolv.conf", "/etc/resolv.conf",
NULL);
}
}
@@ -3274,6 +3397,7 @@
gsize bwrap_args_len;
glnx_fd_close int bwrap_args_fd = -1;
g_autofree char *bwrap_args_data = NULL;
+ g_autofree char *proxy_socket_dir = g_build_filename (g_get_user_runtime_dir (), ".dbus-proxy/", NULL);
if (!glnx_dirfd_iterator_init_at (AT_FDCWD, "/", FALSE, &dir_iter, error))
return FALSE;
@@ -3319,6 +3443,10 @@
}
}
+ g_ptr_array_add (bwrap_args, g_strdup ("--bind"));
+ g_ptr_array_add (bwrap_args, g_strdup (proxy_socket_dir));
+ g_ptr_array_add (bwrap_args, g_strdup (proxy_socket_dir));
+
g_ptr_array_add (bwrap_args, g_strdup ("--ro-bind-data"));
g_ptr_array_add (bwrap_args, g_strdup_printf ("%d", app_info_fd));
g_ptr_array_add (bwrap_args, g_strdup ("/.flatpak-info"));
@@ -3519,6 +3647,9 @@
{SCMP_SYS (mount)},
{SCMP_SYS (pivot_root)},
{SCMP_SYS (clone), &SCMP_A0 (SCMP_CMP_MASKED_EQ, CLONE_NEWUSER, CLONE_NEWUSER)},
+
+ /* Don't allow faking input to the controlling tty (CVE-2017-5226) */
+ {SCMP_SYS (ioctl), &SCMP_A1(SCMP_CMP_EQ, (int)TIOCSTI)},
};
struct
@@ -3738,19 +3869,27 @@
"--ro-bind", "/sys/class", "/sys/class",
"--ro-bind", "/sys/dev", "/sys/dev",
"--ro-bind", "/sys/devices", "/sys/devices",
+ NULL);
+
+ if (flags & FLATPAK_RUN_FLAG_WRITABLE_ETC)
+ add_args (argv_array,
+ "--dir", "/usr/etc",
+ "--symlink", "usr/etc", "/etc",
+ NULL);
+
+ add_args (argv_array,
"--bind-data", passwd_fd_str, "/etc/passwd",
"--bind-data", group_fd_str, "/etc/group",
- /* Always create a homedir to start from, although it may be covered later */
- "--dir", g_get_home_dir (),
NULL);
if (g_file_test ("/etc/machine-id", G_FILE_TEST_EXISTS))
- add_args (argv_array, "--bind", "/etc/machine-id", "/etc/machine-id", NULL);
+ add_args (argv_array, "--ro-bind", "/etc/machine-id", "/etc/machine-id", NULL);
else if (g_file_test ("/var/lib/dbus/machine-id", G_FILE_TEST_EXISTS))
- add_args (argv_array, "--bind", "/var/lib/dbus/machine-id", "/etc/machine-id", NULL);
+ add_args (argv_array, "--ro-bind", "/var/lib/dbus/machine-id", "/etc/machine-id", NULL);
etc = g_file_get_child (runtime_files, "etc");
- if (g_file_query_exists (etc, NULL))
+ if ((flags & FLATPAK_RUN_FLAG_WRITABLE_ETC) == 0 &&
+ g_file_query_exists (etc, NULL))
{
g_auto(GLnxDirFdIterator) dfd_iter = { 0, };
struct dirent *dent;
@@ -3797,6 +3936,7 @@
if (app_id_dir != NULL)
{
g_autoptr(GFile) app_cache_dir = g_file_get_child (app_id_dir, "cache");
+ g_autoptr(GFile) app_tmp_dir = g_file_get_child (app_cache_dir, "tmp");
g_autoptr(GFile) app_data_dir = g_file_get_child (app_id_dir, "data");
g_autoptr(GFile) app_config_dir = g_file_get_child (app_id_dir, "config");
@@ -3805,6 +3945,7 @@
"--bind", flatpak_file_get_path_cached (app_cache_dir), "/var/cache",
"--bind", flatpak_file_get_path_cached (app_data_dir), "/var/data",
"--bind", flatpak_file_get_path_cached (app_config_dir), "/var/config",
+ "--bind", flatpak_file_get_path_cached (app_tmp_dir), "/var/tmp",
NULL);
}
@@ -3833,7 +3974,8 @@
return FALSE;
#endif
- add_monitor_path_args ((flags & FLATPAK_RUN_FLAG_NO_SESSION_HELPER) == 0, argv_array);
+ if ((flags & FLATPAK_RUN_FLAG_WRITABLE_ETC) == 0)
+ add_monitor_path_args ((flags & FLATPAK_RUN_FLAG_NO_SESSION_HELPER) == 0, argv_array);
return TRUE;
}
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-run.h flatpak-0.8.2/common/flatpak-run.h
--- flatpak-0.8.0/common/flatpak-run.h 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/common/flatpak-run.h 2017-01-27 09:50:41.000000000 +0000
@@ -103,6 +103,7 @@
FLATPAK_RUN_FLAG_LOG_SYSTEM_BUS = (1 << 3),
FLATPAK_RUN_FLAG_NO_SESSION_HELPER = (1 << 4),
FLATPAK_RUN_FLAG_MULTIARCH = (1 << 5),
+ FLATPAK_RUN_FLAG_WRITABLE_ETC = (1 << 6),
} FlatpakRunFlags;
gboolean flatpak_run_setup_base_argv (GPtrArray *argv_array,
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-utils.c flatpak-0.8.2/common/flatpak-utils.c
--- flatpak-0.8.0/common/flatpak-utils.c 2016-12-20 15:26:38.000000000 +0000
+++ flatpak-0.8.2/common/flatpak-utils.c 2017-01-19 14:36:06.000000000 +0000
@@ -2182,7 +2182,14 @@
return g_steal_pointer (&link);
dirname = g_path_get_dirname (path);
- return g_build_path (dirname, link, NULL);
+ return g_build_filename (dirname, link, NULL);
+}
+
+char *
+flatpak_canonicalize_filename (const char *path)
+{
+ g_autoptr(GFile) file = g_file_new_for_path (path);
+ return g_file_get_path (file);
}
gboolean flatpak_file_rename (GFile *from,
@@ -2925,8 +2932,11 @@
return FALSE;
id_text = g_strstrip (g_strdup (id_text_node->text));
- if (!g_str_has_prefix (id_text, id) ||
- !g_str_has_suffix (id_text, ".desktop"))
+
+ if (g_str_has_suffix (id_text, ".desktop"))
+ id_text[strlen(id_text)-strlen(".desktop")] = 0;
+
+ if (!g_str_has_prefix (id_text, id))
{
g_warning ("Invalid id %s", id_text);
return FALSE;
@@ -4579,6 +4589,7 @@
GError **error)
{
GBytes *bytes = NULL;
+ g_autoptr(GMainContext) context = NULL;
g_autoptr(SoupRequestHTTP) request = NULL;
g_autoptr(GMainLoop) loop = NULL;
g_autoptr(GString) content = g_string_new ("");
@@ -4586,7 +4597,10 @@
g_debug ("Loading %s using libsoup", uri);
- loop = g_main_loop_new (NULL, TRUE);
+ context = g_main_context_new ();
+ g_main_context_push_thread_default (context);
+
+ loop = g_main_loop_new (context, TRUE);
data.loop = loop;
data.content = content;
data.progress = progress;
@@ -4603,6 +4617,7 @@
load_uri_callback, &data);
g_main_loop_run (loop);
+ g_main_context_pop_thread_default (context);
if (data.error)
{
@@ -4627,11 +4642,15 @@
{
g_autoptr(SoupRequestHTTP) request = NULL;
g_autoptr(GMainLoop) loop = NULL;
+ g_autoptr(GMainContext) context = NULL;
LoadUriData data = { NULL };
g_debug ("Loading %s using libsoup", uri);
- loop = g_main_loop_new (NULL, TRUE);
+ context = g_main_context_new ();
+ g_main_context_push_thread_default (context);
+
+ loop = g_main_loop_new (context, TRUE);
data.loop = loop;
data.out = out;
data.progress = progress;
@@ -4648,6 +4667,7 @@
load_uri_callback, &data);
g_main_loop_run (loop);
+ g_main_context_pop_thread_default (context);
if (data.error)
{
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/common/flatpak-utils.h flatpak-0.8.2/common/flatpak-utils.h
--- flatpak-0.8.0/common/flatpak-utils.h 2016-12-20 15:26:38.000000000 +0000
+++ flatpak-0.8.2/common/flatpak-utils.h 2017-01-19 14:33:34.000000000 +0000
@@ -383,6 +383,7 @@
GError **error);
char * flatpak_resolve_link (const char *path,
GError **error);
+char * flatpak_canonicalize_filename (const char *path);
gboolean flatpak_file_rename (GFile *from,
GFile *to,
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/configure.ac flatpak-0.8.2/configure.ac
--- flatpak-0.8.0/configure.ac 2016-12-20 15:44:00.000000000 +0000
+++ flatpak-0.8.2/configure.ac 2017-01-27 10:34:12.000000000 +0000
@@ -15,8 +15,8 @@
m4_define([flatpak_major_version], [0])
m4_define([flatpak_minor_version], [8])
-m4_define([flatpak_micro_version], [0])
-m4_define([flatpak_interface_age], [0])
+m4_define([flatpak_micro_version], [2])
+m4_define([flatpak_interface_age], [2])
m4_define([flatpak_binary_age],
[m4_eval(10000 * flatpak_major_version + 100 * flatpak_minor_version + flatpak_micro_version)])
m4_define([flatpak_version],
@@ -78,6 +78,12 @@
DBUS_SERVICE_DIR=$with_dbus_service_dir
AC_SUBST(DBUS_SERVICE_DIR)
+AC_ARG_WITH(dbus_config_dir,
+ AS_HELP_STRING([--with-dbus-config-dir=PATH],[choose directory for dbus config files, [default=SYSCONFDIR/dbus-1/system.d]]),
+ with_dbus_config_dir="$withval", with_dbus_config_dir=${sysconfdir}/dbus-1/system.d)
+DBUS_CONFIG_DIR=$with_dbus_config_dir
+AC_SUBST(DBUS_CONFIG_DIR)
+
AC_ARG_WITH([systemduserunitdir],
[AS_HELP_STRING([--with-systemduserunitdir=DIR],
[Directory for systemd user service files (default=PREFIX/lib/systemd/user)])],
@@ -102,6 +108,12 @@
SYSTEM_FONTS_DIR=$with_system_fonts_dir
AC_SUBST(SYSTEM_FONTS_DIR)
+AC_ARG_WITH(profile_dir,
+ AS_HELP_STRING([--with-profile-dir=PATH],[choose directory for profile.d files, [default=SYSCONFDIR/profile.d]]),
+ with_profile_dir="$withval", with_profile_dir=${sysconfdir}/profile.d)
+PROFILE_DIR=$with_profile_dir
+AC_SUBST(PROFILE_DIR)
+
AC_ARG_VAR([BWRAP], [Bubblewrap executable])
AC_ARG_WITH([system-bubblewrap],
[AS_HELP_STRING([--with-system-bubblewrap], [Use system bwrap executable [default=check $BWRAP]])],
@@ -247,7 +259,7 @@
[with_dwarf_header=yes])
AS_IF([test "x$with_dwarf_header" = "xyes"],
- [CPPFLAGS="$CPPFLAGS -I$(eval echo \"$includedir\")/libdwarf"
+ [CPPFLAGS="$CPPFLAGS -I$(eval echo \"$includedir\")/libdwarf -I/usr/include/libdwarf"
AC_CHECK_HEADER([dwarf.h])
AS_IF([test "x$ac_cv_header_dwarf_h" != "xyes"],
[AC_MSG_ERROR([dwarf.h is required but was not found; locate it using --with-dwarf-header=/path/containing/header])])],
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/debian/changelog flatpak-0.8.2/debian/changelog
--- flatpak-0.8.0/debian/changelog 2016-12-21 14:13:52.000000000 +0000
+++ flatpak-0.8.2/debian/changelog 2017-01-27 21:56:51.000000000 +0000
@@ -1,3 +1,51 @@
+flatpak (0.8.2-1) unstable; urgency=medium
+
+ * New upstream bugfix release
+ - drop remaining patch, applied upstream
+ - security fix: prevent writing to per-user-installed fonts
+ and Flatpak extensions (typically locales)
+ * d/control: flatpak-tests Recommends python, which is needed for
+ one test (silencing a lintian warning)
+
+ -- Simon McVittie <smcv@debian.org> Fri, 27 Jan 2017 21:56:51 +0000
+
+flatpak (0.8.1-1) unstable; urgency=medium
+
+ * New upstream release, very similar to 0.8.0-2
+ - drop all patches
+ * d/p/flatpak-system-helper-remove-dangling-reference-to-EXTERN.patch:
+ do not search /export/share, which seems to have been unintended
+
+ -- Simon McVittie <smcv@debian.org> Thu, 19 Jan 2017 14:55:24 +0000
+
+flatpak (0.8.0-2) unstable; urgency=medium
+
+ * d/p/Use-seccomp-to-filter-out-TIOCSTI-ioctl.patch:
+ Add patch from upstream to prevent contained apps from using
+ TIOCSTI ioctl. This would let the app inject commands into the
+ terminal from which it was invoked (CVE-2017-5226). This was
+ initially fixed in bubblewrap by calling setsid(), but that
+ breaks the ability to use Ctrl+Z or Ctrl+C on a flatpak-confined
+ process, so it is being made optional; prevent the attack here
+ instead, in a way that doesn't break shells.
+ * d/p/Fix-update-of-standalone-bundle.patch:
+ Add patch from upstream to fix updating an existing app with
+ "flatpak install --bundle foo.flatpak"
+ * d/p/Make-sure-var-tmp-is-not-on-tmpfs.patch:
+ Add patch from upstream to mount ~/.var/APP/cache/tmp at /var/tmp
+ inside the sandbox, so apps can rely on /var/tmp being on disk
+ * d/p/Document-the-DefaultBranch-key.patch,
+ d/p/Document-RuntimeRepo-key.patch:
+ Add patches from upstream to fill in some missing documentation
+ * d/p/testlibrary-ensure-that-contents_array-is-NULL-terminated.patch,
+ d/p/tests-Install-testpython.py-executable.patch,
+ d/p/tests-Move-the-test-repo-to-a-subdirectory-repos-test.patch:
+ Fix some bugs in the tests
+ * debian/tests/: split out builder-python into a separate autopkgtest,
+ it too has more dependencies
+
+ -- Simon McVittie <smcv@debian.org> Wed, 18 Jan 2017 00:02:19 +0000
+
flatpak (0.8.0-1) unstable; urgency=medium
* New upstream stable release
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/debian/control flatpak-0.8.2/debian/control
--- flatpak-0.8.0/debian/control 2016-12-21 14:13:52.000000000 +0000
+++ flatpak-0.8.2/debian/control 2017-01-27 21:56:51.000000000 +0000
@@ -117,6 +117,8 @@
shared-mime-info,
${misc:Depends},
${shlibs:Depends},
+Recommends:
+ python,
Description: Application deployment framework for desktop apps (tests)
Flatpak installs, manages and runs sandboxed desktop application bundles.
See the flatpak package for a more comprehensive description.
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/debian/patches/series flatpak-0.8.2/debian/patches/series
--- flatpak-0.8.0/debian/patches/series 2016-12-21 14:13:52.000000000 +0000
+++ flatpak-0.8.2/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
@@ -1,2 +0,0 @@
-Update-Polish-translation.patch
-flatpak-builder-1-fix-typo.patch
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/debian/tests/builder-python flatpak-0.8.2/debian/tests/builder-python
--- flatpak-0.8.0/debian/tests/builder-python 1970-01-01 01:00:00.000000000 +0100
+++ flatpak-0.8.2/debian/tests/builder-python 2017-01-27 21:56:51.000000000 +0000
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+set -e
+exec 2>&1
+
+exec gnome-desktop-testing-runner Flatpak/test-builder-python.sh.test
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/debian/tests/control flatpak-0.8.2/debian/tests/control
--- flatpak-0.8.0/debian/tests/control 2016-12-21 14:13:52.000000000 +0000
+++ flatpak-0.8.2/debian/tests/control 2017-01-27 21:56:51.000000000 +0000
@@ -12,6 +12,15 @@
gnome-desktop-testing,
make,
+Tests: builder-python
+Restrictions: isolation-machine
+Depends:
+ flatpak-builder,
+ flatpak-tests,
+ gnome-desktop-testing,
+ make,
+ python,
+
Tests: gnome-desktop-testing
Restrictions: isolation-machine
Depends:
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/debian/tests/gnome-desktop-testing flatpak-0.8.2/debian/tests/gnome-desktop-testing
--- flatpak-0.8.0/debian/tests/gnome-desktop-testing 2016-12-21 14:13:52.000000000 +0000
+++ flatpak-0.8.2/debian/tests/gnome-desktop-testing 2017-01-27 21:56:51.000000000 +0000
@@ -19,6 +19,10 @@
# has more dependencies
continue
;;
+ (Flatpak/test-builder-python.sh.test)
+ # has more dependencies
+ continue
+ ;;
esac
gnome-desktop-testing-runner "$t" < /dev/null || touch "$ADTTMP"/failed
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/doc/flatpak-builder.xml flatpak-0.8.2/doc/flatpak-builder.xml
--- flatpak-0.8.0/doc/flatpak-builder.xml 2016-12-01 08:39:57.000000000 +0000
+++ flatpak-0.8.2/doc/flatpak-builder.xml 2017-01-27 09:50:24.000000000 +0000
@@ -782,7 +782,7 @@
<listitem><para>
Limit the number of parallel jobs during the build.
- The default is the nubmer of CPUs on the machine.
+ The default is the number of CPUs on the machine.
</para></listitem>
</varlistentry>
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/doc/flatpak-flatpakref.xml flatpak-0.8.2/doc/flatpak-flatpakref.xml
--- flatpak-0.8.0/doc/flatpak-flatpakref.xml 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/doc/flatpak-flatpakref.xml 2017-01-17 15:50:54.000000000 +0000
@@ -90,6 +90,10 @@
<term><option>GPGKey</option> (string)</term>
<listitem><para>The base64-encoded gpg key for the remote.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>RuntimeRepo</option> (string)</term>
+ <listitem><para>The url for a .flatpakref file for the runtime.</para></listitem>
+ </varlistentry>
</variablelist>
</refsect2>
</refsect1>
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/doc/flatpak-flatpakrepo.xml flatpak-0.8.2/doc/flatpak-flatpakrepo.xml
--- flatpak-0.8.0/doc/flatpak-flatpakrepo.xml 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/doc/flatpak-flatpakrepo.xml 2017-01-17 15:50:54.000000000 +0000
@@ -74,6 +74,10 @@
<term><option>GPGKey</option> (string)</term>
<listitem><para>The base64-encoded gpg key for the remote.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>DefaultBranch</option> (string)</term>
+ <listitem><para>The default branch to use for this remote.</para></listitem>
+ </varlistentry>
</variablelist>
</refsect2>
</refsect1>
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/document-portal/xdp-fuse.c flatpak-0.8.2/document-portal/xdp-fuse.c
--- flatpak-0.8.0/document-portal/xdp-fuse.c 2016-11-28 11:24:52.000000000 +0000
+++ flatpak-0.8.2/document-portal/xdp-fuse.c 2017-01-18 10:32:44.000000000 +0000
@@ -701,7 +701,7 @@
inode->dir_fd = glnx_steal_fd (&dir_fd);
inode->fd = glnx_steal_fd (&fd);
inode->trunc_fd = glnx_steal_fd (&trunc_fd);
- if (inode->trunc_fd != -1 && truncate)
+ if (inode->trunc_fd != -1 && (truncate || exclusive))
{
inode->truncated = TRUE;
g_free (inode->backing_filename);
@@ -1876,7 +1876,7 @@
if (res != 0)
{
- fuse_reply_err (req, ENOSYS);
+ fuse_reply_err (req, res);
}
else
{
@@ -1941,6 +1941,7 @@
fd = xdp_inode_locked_get_write_fd (inode);
if (fd == -1)
{
+ g_debug ("xdp_fuse_write_buf <- error %s", strerror (errno));
fuse_reply_err (req, errno);
}
else
@@ -2134,37 +2135,59 @@
if (inode->type != XDP_INODE_DOC_FILE)
{
- g_debug ("xdp_fuse_access <- not file ENOSYS");
- fuse_reply_err (req, ENOSYS);
- return;
- }
+ int dir_mask = 0;
- entry = xdp_lookup_doc (inode->doc_id);
- if (entry == NULL ||
- !app_can_see_doc (entry, inode->app_id))
- {
- g_debug ("xdp_fuse_access <- no entry error ENOENT");
- fuse_reply_err (req, ENOENT);
- return;
- }
+ switch (inode->type)
+ {
+ case XDP_INODE_ROOT:
+ case XDP_INODE_BY_APP:
+ case XDP_INODE_APP_DIR:
+ dir_mask = R_OK | X_OK;
+ break;
+ case XDP_INODE_APP_DOC_DIR:
+ case XDP_INODE_DOC_DIR:
+ dir_mask = R_OK | X_OK | W_OK;
+ break;
- if (mask == F_OK)
- {
- if (!app_can_see_doc (entry, inode->app_id))
+ default:
+ g_assert_not_reached ();
+ }
+
+ if (mask != F_OK && ((mask & dir_mask) != mask))
{
fuse_reply_err (req, EACCES);
return;
}
}
- else
+ else /* A file */
{
- if (((mask & R_OK) && !app_can_see_doc (entry, inode->app_id)) ||
- ((mask & W_OK) && !app_can_write_doc (entry, inode->app_id)) ||
- (mask & X_OK))
+ entry = xdp_lookup_doc (inode->doc_id);
+ if (entry == NULL ||
+ !app_can_see_doc (entry, inode->app_id))
{
- fuse_reply_err (req, EACCES);
+ g_debug ("xdp_fuse_access <- no entry error ENOENT");
+ fuse_reply_err (req, ENOENT);
return;
}
+
+ if (mask == F_OK)
+ {
+ if (!app_can_see_doc (entry, inode->app_id))
+ {
+ fuse_reply_err (req, EACCES);
+ return;
+ }
+ }
+ else
+ {
+ if (((mask & R_OK) && !app_can_see_doc (entry, inode->app_id)) ||
+ ((mask & W_OK) && !app_can_write_doc (entry, inode->app_id)) ||
+ (mask & X_OK))
+ {
+ fuse_reply_err (req, EACCES);
+ return;
+ }
+ }
}
fuse_reply_err (req, 0);
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/lib/flatpak-installation.c flatpak-0.8.2/lib/flatpak-installation.c
--- flatpak-0.8.0/lib/flatpak-installation.c 2016-12-20 15:26:38.000000000 +0000
+++ flatpak-0.8.2/lib/flatpak-installation.c 2017-01-24 08:54:11.000000000 +0000
@@ -1281,7 +1281,7 @@
g_autofree char *remote = NULL;
g_autofree char *ref = NULL;
- if (!flatpak_dir_create_remote_for_ref_file (dir, ref_file_data, &remote, &ref, error))
+ if (!flatpak_dir_create_remote_for_ref_file (dir, ref_file_data, NULL, &remote, &ref, error))
return NULL;
if (!flatpak_installation_drop_caches (self, cancellable, error))
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/lib/flatpak-version-macros.h flatpak-0.8.2/lib/flatpak-version-macros.h
--- flatpak-0.8.0/lib/flatpak-version-macros.h 2016-12-20 15:44:14.000000000 +0000
+++ flatpak-0.8.2/lib/flatpak-version-macros.h 2017-01-27 10:34:38.000000000 +0000
@@ -27,7 +27,7 @@
#define FLATPAK_MAJOR_VERSION (0)
#define FLATPAK_MINOR_VERSION (8)
-#define FLATPAK_MICRO_VERSION (0)
+#define FLATPAK_MICRO_VERSION (2)
#define FLATPAK_CHECK_VERSION(major,minor,micro) \
(FLATPAK_MAJOR_VERSION > (major) || \
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/Makefile.am flatpak-0.8.2/Makefile.am
--- flatpak-0.8.0/Makefile.am 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/Makefile.am 2017-01-20 14:08:47.000000000 +0000
@@ -6,6 +6,7 @@
noinst_LTLIBRARIES = $(NULL)
libexec_PROGRAMS = $(NULL)
CLEANFILES = $(NULL)
+MAINTAINERCLEANFILES = $(NULL)
DISTCLEANFILES= $(NULL)
BUILT_SOURCES = $(NULL)
EXTRA_DIST =
@@ -22,7 +23,9 @@
SUBDIRS += po
%.service: %.service.in config.log
- $(AM_V_GEN) $(SED) -e "s|\@libexecdir\@|$(libexecdir)|" -e "s|\@extraargs\@||" $< > $@
+ $(AM_V_GEN) $(SED) -e "s|\@libexecdir\@|$(libexecdir)|" \
+ -e "s|\@localstatedir\@|$(localstatedir)|" \
+ -e "s|\@extraargs\@||" $< > $@
dbus_servicedir = $(DBUS_SERVICE_DIR)
service_in_files = $(NULL)
@@ -115,7 +118,7 @@
completion_DATA = completion/flatpak
EXTRA_DIST += $(completion_DATA)
-profiledir = $(sysconfdir)/profile.d
+profiledir = $(PROFILE_DIR)
profile_DATA = flatpak.sh
EXTRA_DIST += \
profile/flatpak.sh.in \
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/NEWS flatpak-0.8.2/NEWS
--- flatpak-0.8.0/NEWS 2016-12-20 21:16:21.000000000 +0000
+++ flatpak-0.8.2/NEWS 2017-01-27 10:33:34.000000000 +0000
@@ -1,3 +1,59 @@
+Major changes in 0.8.2
+======================
+
+This is a bugfix and security update.
+
+Some of the bind-mounts that flatpak sets up were not read-only as
+they should have. This includes: extensions, system fonts,
+resolv.conf, localtime and machine-id. Many of thse are typically only
+writable by root, but some, like the user-specific fonts and
+user-installed extensions could be modified from the sandbox.
+
+Everyone using 0.8.x is recommended to update to this version.
+
+Other fixes:
+
+ * There are new configure options for where to install dbus configuration
+ * Broken symlinks in the root directory no longer break flatpak run
+ * flatpak run with HOME in /var now works
+ * dri access now also handles mali devices
+ * install handles --arch when installing flatpakrefs
+ * system-helper activation fixed on systemd-less setups
+ * dbus-proxy now works without /run
+ * During installation, failing to update a dependency is now not
+ fatal.
+ * /etc is now fully writable when building runtimes
+ * --filesystem=xdg-config/foo now sets up the bind-mount from the host dir
+ even when not using :create.
+
+Major changes in 0.8.1
+======================
+
+This is a bugfix and security update (CVE-2017-5226).
+
+Flatpak now uses seccomp to disallow the TIOCSTI ioctl in the sandbox,
+which works around the possibility to inject text on the controlling
+tty (CVE-2017-5226).
+
+This was previously fixed in bubblewrap in 0.1.6, but that change has
+now been reverted as it introduced other problems for flatpak.
+
+ * Update bundled bubblewrap to 0.1.7
+ * Fix writing new file with O_EXCL in the document portal.
+ * Allow appstream data that doesn't have .desktop in the component id,
+ such as data for runtimes.
+ * Drop json-glib dependency from 1.2 to 1.0
+ * Builder: Fail if unable to read included file
+ * OCI: Ensure exported layers are readable by everyone
+ * Fix extra-data download in gnome-software
+ * Fix update-mime-database trigger when installing via
+ the system helper.
+ * Updating an app by installing a newer bundle now works
+ again.
+ * Make /var/tmp not be on a tmpfs (it is now in
+ ~/.var/app/$appid/cache/tmp).
+ * Documentation / translation updates
+
Major changes in 0.8.0
======================
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/permission-store/xdg-permission-store.c flatpak-0.8.2/permission-store/xdg-permission-store.c
--- flatpak-0.8.0/permission-store/xdg-permission-store.c 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/permission-store/xdg-permission-store.c 2017-01-19 14:33:30.000000000 +0000
@@ -329,7 +329,7 @@
g_variant_iter_init (&iter, app_permissions);
while ((child = g_variant_iter_next_value (&iter)))
{
- g_autoptr(FlatpakDbEntry) old_entry;
+ g_autoptr(FlatpakDbEntry) old_entry = NULL;
const char *child_app_id;
g_autofree const char **permissions;
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/session-helper/flatpak-session-helper.c flatpak-0.8.2/session-helper/flatpak-session-helper.c
--- flatpak-0.8.0/session-helper/flatpak-session-helper.c 2016-11-28 11:24:52.000000000 +0000
+++ flatpak-0.8.2/session-helper/flatpak-session-helper.c 2017-01-27 09:51:09.000000000 +0000
@@ -152,8 +152,8 @@
if (fd_map[i].from == data->tty)
{
if (ioctl (fd_map[i].final, TIOCSCTTY, 0) == -1)
- g_warning ("ioctl(%d, TIOCSCTTY, 0) failed: %s",
- fd_map[i].final, strerror (errno));
+ g_debug ("ioctl(%d, TIOCSCTTY, 0) failed: %s",
+ fd_map[i].final, strerror (errno));
break;
}
}
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/system-helper/flatpak-system-helper.c flatpak-0.8.2/system-helper/flatpak-system-helper.c
--- flatpak-0.8.0/system-helper/flatpak-system-helper.c 2016-12-20 15:26:38.000000000 +0000
+++ flatpak-0.8.2/system-helper/flatpak-system-helper.c 2017-01-19 14:33:30.000000000 +0000
@@ -663,7 +663,7 @@
if (action)
{
- g_autoptr(AutoPolkitAuthorizationResult) result;
+ g_autoptr(AutoPolkitAuthorizationResult) result = NULL;
g_autoptr(GError) error = NULL;
result = polkit_authority_check_authorization_sync (authority, subject,
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/system-helper/flatpak-system-helper.service.in flatpak-0.8.2/system-helper/flatpak-system-helper.service.in
--- flatpak-0.8.0/system-helper/flatpak-system-helper.service.in 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/system-helper/flatpak-system-helper.service.in 2017-01-20 14:08:47.000000000 +0000
@@ -3,5 +3,6 @@
[Service]
BusName=org.freedesktop.Flatpak.SystemHelper
+Environment=XDG_DATA_DIRS=@localstatedir@/lib/flatpak/exports/share/:/usr/local/share/:/usr/share/
ExecStart=@libexecdir@/flatpak-system-helper
Type=dbus
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/system-helper/Makefile.am.inc flatpak-0.8.2/system-helper/Makefile.am.inc
--- flatpak-0.8.0/system-helper/Makefile.am.inc 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/system-helper/Makefile.am.inc 2017-01-19 14:33:21.000000000 +0000
@@ -8,7 +8,7 @@
service_in_files += system-helper/org.freedesktop.Flatpak.SystemHelper.service.in
dbussystemservice_DATA = system-helper/org.freedesktop.Flatpak.SystemHelper.service
-dbusconfdir = ${sysconfdir}/dbus-1/system.d
+dbusconfdir = $(DBUS_CONFIG_DIR)
dbusconf_DATA = system-helper/org.freedesktop.Flatpak.SystemHelper.conf
service_in_files += system-helper/flatpak-system-helper.service.in
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/system-helper/org.freedesktop.Flatpak.SystemHelper.service.in flatpak-0.8.2/system-helper/org.freedesktop.Flatpak.SystemHelper.service.in
--- flatpak-0.8.0/system-helper/org.freedesktop.Flatpak.SystemHelper.service.in 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/system-helper/org.freedesktop.Flatpak.SystemHelper.service.in 2017-01-24 08:54:11.000000000 +0000
@@ -2,3 +2,4 @@
Name=org.freedesktop.Flatpak.SystemHelper
Exec=@libexecdir@/flatpak-system-helper@extraargs@
SystemdService=flatpak-system-helper.service
+User=root
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/libtest.sh flatpak-0.8.2/tests/libtest.sh
--- flatpak-0.8.0/tests/libtest.sh 2016-12-20 15:18:04.000000000 +0000
+++ flatpak-0.8.2/tests/libtest.sh 2017-01-11 23:17:16.000000000 +0000
@@ -180,17 +180,17 @@
GPGARGS="$FL_GPGARGS" . $(dirname $0)/make-test-runtime.sh org.test.Platform bash ls cat echo readlink > /dev/null
GPGARGS="$FL_GPGARGS" . $(dirname $0)/make-test-app.sh > /dev/null
update_repo
- ostree trivial-httpd --autoexit --daemonize -p httpd-port .
+ ostree trivial-httpd --autoexit --daemonize -p httpd-port repos
port=$(cat httpd-port)
- flatpak remote-add ${U} --gpg-import=${FL_GPG_HOMEDIR}/pubring.gpg test-repo "http://127.0.0.1:${port}/repo";
+ flatpak remote-add ${U} --gpg-import=${FL_GPG_HOMEDIR}/pubring.gpg test-repo "http://127.0.0.1:${port}/test";
}
update_repo () {
- ${FLATPAK} build-update-repo $FL_GPGARGS ${UPDATE_REPO_ARGS-} repo
+ ${FLATPAK} build-update-repo $FL_GPGARGS ${UPDATE_REPO_ARGS-} repos/test
}
make_updated_app () {
- GPGARGS="$FL_GPGARGS" . $(dirname $0)/make-test-app.sh UPDATED > /dev/null
+ GPGARGS="$FL_GPGARGS" . $(dirname $0)/make-test-app.sh ${1:-UPDATED} > /dev/null
update_repo
}
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/Makefile.am.inc flatpak-0.8.2/tests/Makefile.am.inc
--- flatpak-0.8.0/tests/Makefile.am.inc 2016-12-12 15:26:27.000000000 +0000
+++ flatpak-0.8.2/tests/Makefile.am.inc 2017-01-18 10:32:44.000000000 +0000
@@ -79,6 +79,7 @@
tests/make-test-app.sh \
tests/make-test-runtime.sh \
tests/make-test-bundles.sh \
+ tests/testpython.py \
$(NULL)
dist_installed_test_data = \
@@ -89,7 +90,6 @@
tests/session.conf.in \
tests/0001-Add-test-logo.patch \
tests/org.test.Python.json \
- tests/testpython.py \
tests/importme.py \
tests/importme2.py \
$(NULL)
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/make-test-app.sh flatpak-0.8.2/tests/make-test-app.sh
--- flatpak-0.8.0/tests/make-test-app.sh 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/tests/make-test-app.sh 2017-01-11 23:17:16.000000000 +0000
@@ -54,5 +54,6 @@
cp $(dirname $0)/org.test.Hello.png ${DIR}/files/share/app-info/icons/flatpak/64x64/
flatpak build-finish --command=hello.sh ${DIR}
-flatpak build-export ${GPGARGS-} repo ${DIR}
+mkdir -p repos
+flatpak build-export ${GPGARGS-} repos/test ${DIR}
rm -rf ${DIR}
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/make-test-runtime.sh flatpak-0.8.2/tests/make-test-runtime.sh
--- flatpak-0.8.0/tests/make-test-runtime.sh 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/tests/make-test-runtime.sh 2017-01-11 23:17:16.000000000 +0000
@@ -57,5 +57,6 @@
mkdir -p ${DIR}/usr/lib/locale/
cp -r /usr/lib/locale/C.* ${DIR}/usr/lib/locale/en_US
-flatpak build-export --runtime ${GPGARGS-} repo ${DIR}
+mkdir -p repos
+flatpak build-export --runtime ${GPGARGS-} repos/test ${DIR}
rm -rf ${DIR}
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/package_version.txt flatpak-0.8.2/tests/package_version.txt
--- flatpak-0.8.0/tests/package_version.txt 2016-12-20 15:44:31.000000000 +0000
+++ flatpak-0.8.2/tests/package_version.txt 2017-01-27 10:34:39.000000000 +0000
@@ -1 +1 @@
-0.8.0
+0.8.2
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/test-builder.sh flatpak-0.8.2/tests/test-builder.sh
--- flatpak-0.8.0/tests/test-builder.sh 2016-11-28 11:24:52.000000000 +0000
+++ flatpak-0.8.2/tests/test-builder.sh 2017-01-11 23:17:16.000000000 +0000
@@ -32,7 +32,7 @@
install_sdk_repo
# Need /var/tmp cwd for xattrs
-REPO=`pwd`/repo
+REPO=`pwd`/repos/test
cd $TEST_DATA_DIR/
cp -a $(dirname $0)/test-configure .
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/test-bundle.sh flatpak-0.8.2/tests/test-bundle.sh
--- flatpak-0.8.0/tests/test-bundle.sh 2016-12-20 15:26:38.000000000 +0000
+++ flatpak-0.8.2/tests/test-bundle.sh 2017-01-16 10:47:22.000000000 +0000
@@ -24,16 +24,16 @@
skip_without_bwrap
skip_without_user_xattrs
-echo "1..6"
+echo "1..7"
mkdir bundles
setup_repo
-${FLATPAK} build-bundle repo --repo-url=file://`pwd`/repo --gpg-keys=${FL_GPG_HOMEDIR}/pubring.gpg bundles/hello.flatpak org.test.Hello
+${FLATPAK} build-bundle repos/test --repo-url=file://`pwd`/repos/test --gpg-keys=${FL_GPG_HOMEDIR}/pubring.gpg bundles/hello.flatpak org.test.Hello
assert_has_file bundles/hello.flatpak
-${FLATPAK} build-bundle repo --runtime --repo-url=file://`pwd`/repo --gpg-keys=${FL_GPG_HOMEDIR}/pubring.gpg bundles/platform.flatpak org.test.Platform
+${FLATPAK} build-bundle repos/test --runtime --repo-url=file://`pwd`/repos/test --gpg-keys=${FL_GPG_HOMEDIR}/pubring.gpg bundles/platform.flatpak org.test.Platform
assert_has_file bundles/platform.flatpak
echo "ok create bundles"
@@ -147,3 +147,19 @@
assert_file_has_content hello_out '^Hello world, from a sandboxUPDATED$'
echo "ok update"
+
+make_updated_app UPDATED2
+
+${FLATPAK} build-bundle repos/test --repo-url=file://`pwd`/repos/test --gpg-keys=${FL_GPG_HOMEDIR}/pubring.gpg bundles/hello2.flatpak org.test.Hello
+assert_has_file bundles/hello2.flatpak
+
+${FLATPAK} install ${U} -y --bundle bundles/hello2.flatpak
+
+NEW2_COMMIT=`${FLATPAK} ${U} info --show-commit org.test.Hello`
+
+assert_not_streq "$NEW_COMMIT" "$NEW2_COMMIT"
+
+run org.test.Hello > hello_out
+assert_file_has_content hello_out '^Hello world, from a sandboxUPDATED2$'
+
+echo "ok update as bundle"
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/test-extensions.sh flatpak-0.8.2/tests/test-extensions.sh
--- flatpak-0.8.0/tests/test-extensions.sh 2016-10-28 09:41:14.000000000 +0100
+++ flatpak-0.8.2/tests/test-extensions.sh 2017-01-11 23:17:16.000000000 +0000
@@ -38,7 +38,7 @@
touch ${DIR}/usr/exists
touch ${DIR}/usr/extension-$ID:$VERSION
- ${FLATPAK} build-export --runtime ${GPGARGS-} repo ${DIR} ${VERSION}
+ ${FLATPAK} build-export --runtime ${GPGARGS-} repos/test ${DIR} ${VERSION}
rm -rf ${DIR}
${FLATPAK} --user install test-repo $ID $VERSION
@@ -85,17 +85,18 @@
EOF
}
-ostree init --repo=repo --mode=archive-z2
+mkdir -p repos
+ostree init --repo=repos/test --mode=archive-z2
. $(dirname $0)/make-test-runtime.sh org.test.Platform bash ls cat echo readlink > /dev/null
. $(dirname $0)/make-test-app.sh > /dev/null
# Modify platform metadata
-ostree checkout -U --repo=repo runtime/org.test.Platform/${ARCH}/master platform
+ostree checkout -U --repo=repos/test runtime/org.test.Platform/${ARCH}/master platform
add_extensions platform
-ostree commit --repo=repo --owner-uid=0 --owner-gid=0 --no-xattrs --branch=runtime/org.test.Platform/${ARCH}/master -s "modified metadata" platform
-ostree summary -u --repo=repo
+ostree commit --repo=repos/test --owner-uid=0 --owner-gid=0 --no-xattrs --branch=runtime/org.test.Platform/${ARCH}/master -s "modified metadata" platform
+ostree summary -u --repo=repos/test
-${FLATPAK} remote-add --user --no-gpg-verify test-repo repo
+${FLATPAK} remote-add --user --no-gpg-verify test-repo repos/test
${FLATPAK} --user install test-repo org.test.Platform master
${FLATPAK} --user install test-repo org.test.Hello master
@@ -139,10 +140,10 @@
echo "ok runtime extensions"
# Modify app metadata
-ostree checkout -U --repo=repo app/org.test.Hello/${ARCH}/master hello
+ostree checkout -U --repo=repos/test app/org.test.Hello/${ARCH}/master hello
add_extensions hello
-ostree commit --repo=repo --owner-uid=0 --owner-gid=0 --no-xattrs --branch=app/org.test.Hello/${ARCH}/master -s "modified metadata" hello
-ostree summary -u --repo=repo
+ostree commit --repo=repos/test --owner-uid=0 --owner-gid=0 --no-xattrs --branch=app/org.test.Hello/${ARCH}/master -s "modified metadata" hello
+ostree summary -u --repo=repos/test
${FLATPAK} --user update org.test.Hello master
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/testlibrary.c flatpak-0.8.2/tests/testlibrary.c
--- flatpak-0.8.0/tests/testlibrary.c 2016-12-20 15:26:38.000000000 +0000
+++ flatpak-0.8.2/tests/testlibrary.c 2017-01-18 10:32:44.000000000 +0000
@@ -579,7 +579,7 @@
{
int status;
g_autoptr(GError) error = NULL;
- char *argv[] = { "flatpak", "build-update-repo", "--gpg-homedir=", "--gpg-sign=", "repo", NULL };
+ char *argv[] = { "flatpak", "build-update-repo", "--gpg-homedir=", "--gpg-sign=", "repos/test", NULL };
GSpawnFlags flags = G_SPAWN_SEARCH_PATH;
g_auto(GStrv) gpgargs = NULL;
@@ -605,7 +605,7 @@
{
int status;
g_autoptr(GError) error = NULL;
- char *argv[] = { "ostree", "trivial-httpd", "--autoexit", "--daemonize", "-p", "http-port", ".", NULL };
+ char *argv[] = { "ostree", "trivial-httpd", "--autoexit", "--daemonize", "-p", "http-port", "repos", NULL };
GSpawnFlags flags = G_SPAWN_SEARCH_PATH;
if (g_test_verbose ())
@@ -640,7 +640,7 @@
port[strlen (port) - 1] = '\0';
gpgimport = g_strdup_printf ("--gpg-import=%s/pubring.gpg", gpg_homedir);
- repo_url = g_strdup_printf ("http://127.0.0.1:%s/repo";, port);
+ repo_url = g_strdup_printf ("http://127.0.0.1:%s/test";, port);
argv[3] = gpgimport;
argv[4] = (char *)repo_name;
@@ -691,6 +691,7 @@
if (priority != NULL)
g_ptr_array_add (contents_array, g_strdup_printf ("Priority=%s", priority));
+ g_ptr_array_add (contents_array, NULL);
contents_string = g_strjoinv ("\n", (char**)contents_array->pdata);
conffile_path = g_strconcat (flatpak_installationsdir, "/", id, ".conf", NULL);
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/test-oci.sh flatpak-0.8.2/tests/test-oci.sh
--- flatpak-0.8.0/tests/test-oci.sh 2016-12-12 15:26:27.000000000 +0000
+++ flatpak-0.8.2/tests/test-oci.sh 2017-01-11 23:17:16.000000000 +0000
@@ -24,13 +24,13 @@
skip_without_bwrap
skip_without_user_xattrs
-echo "1..4"
+echo "1..6"
setup_repo
${FLATPAK} ${U} install test-repo org.test.Platform master
-${FLATPAK} build-bundle --oci repo oci-dir org.test.Hello
+${FLATPAK} build-bundle --oci repos/test oci-dir org.test.Hello
assert_has_file oci-dir/oci-layout
assert_has_dir oci-dir/blobs/sha256
@@ -64,10 +64,34 @@
echo "ok install oci"
make_updated_app
-${FLATPAK} build-bundle --oci repo oci-dir org.test.Hello
+${FLATPAK} build-bundle --oci repos/test oci-dir org.test.Hello
${FLATPAK} update ${U} org.test.Hello
run org.test.Hello > hello_out
assert_file_has_content hello_out '^Hello world, from a sandboxUPDATED$'
echo "ok update oci"
+
+flatpak uninstall ${U} org.test.Hello
+
+make_updated_app HTTP
+${FLATPAK} build-bundle --oci repos/test oci-dir org.test.Hello
+
+ostree trivial-httpd --autoexit --daemonize -p oci-port `pwd`/oci-dir
+ociport=$(cat oci-port)
+
+${FLATPAK} install -v ${U} --oci http://127.0.0.1:${ociport} latest
+
+run org.test.Hello > hello_out
+assert_file_has_content hello_out '^Hello world, from a sandboxHTTP$'
+
+echo "ok install oci http"
+
+make_updated_app UPDATEDHTTP
+${FLATPAK} build-bundle --oci repos/test oci-dir org.test.Hello
+
+${FLATPAK} update ${U} org.test.Hello
+run org.test.Hello > hello_out
+assert_file_has_content hello_out '^Hello world, from a sandboxUPDATEDHTTP$'
+
+echo "ok update oci http"
diff -Nru --exclude configure --exclude '*.patch' --exclude '*.html' --exclude aclocal.m4 --exclude bubblewrap --exclude po --exclude Makefile.in flatpak-0.8.0/tests/test-run.sh flatpak-0.8.2/tests/test-run.sh
--- flatpak-0.8.0/tests/test-run.sh 2016-12-14 12:48:51.000000000 +0000
+++ flatpak-0.8.2/tests/test-run.sh 2017-01-11 23:17:16.000000000 +0000
@@ -220,7 +220,7 @@
echo "nope" > ${DIR}/files/nope
${FLATPAK} build-finish --command=hello.sh ${DIR}
-${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR}
+${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR}
update_repo
${FLATPAK} ${U} install test-repo org.test.Split --subpath=/a --subpath=/b --subpath=/nosuchdir master
@@ -246,7 +246,7 @@
echo "f" > ${DIR}/files/f/data
rm -rf ${DIR}/files/b
-${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR}
+${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR}
update_repo
${FLATPAK} ${U} update --subpath=/a --subpath=/b --subpath=/e --subpath=/nosuchdir org.test.Split
@@ -266,7 +266,7 @@
assert_not_has_file $FL_DIR/app/org.test.Split/$ARCH/master/active/files/f
assert_not_has_file $FL_DIR/app/org.test.Split/$ARCH/master/active/files/nope
-${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR}
+${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR}
update_repo
# Test reusing the old subpath list
@@ -294,15 +294,15 @@
DIR=`mktemp -d`
${FLATPAK} build-init ${DIR} org.test.CurrentVersion org.test.Platform org.test.Platform
${FLATPAK} build-finish --require-version=${VERSION} --command=hello.sh ${DIR}
-${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR}
+${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR}
DIR=`mktemp -d`
${FLATPAK} build-init ${DIR} org.test.OldVersion org.test.Platform org.test.Platform
${FLATPAK} build-finish --require-version=0.6.10 --command=hello.sh ${DIR}
-${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR}
+${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR}
DIR=`mktemp -d`
${FLATPAK} build-init ${DIR} org.test.NewVersion org.test.Platform org.test.Platform
${FLATPAK} build-finish --require-version=${VERSION}9 --command=hello.sh ${DIR}
-${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR}
+${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR}
update_repo
@@ -313,14 +313,14 @@
DIR=`mktemp -d`
${FLATPAK} build-init ${DIR} org.test.OldVersion org.test.Platform org.test.Platform
${FLATPAK} build-finish --require-version=99.0.0 --command=hello.sh ${DIR}
-${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR}
+${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR}
(! ${FLATPAK} ${U} update org.test.OldVersion)
DIR=`mktemp -d`
${FLATPAK} build-init ${DIR} org.test.OldVersion org.test.Platform org.test.Platform
${FLATPAK} build-finish --require-version=0.1.1 --command=hello.sh ${DIR}
-${FLATPAK} build-export ${FL_GPGARGS} repo ${DIR}
+${FLATPAK} build-export ${FL_GPGARGS} repos/test ${DIR}
${FLATPAK} ${U} update org.test.OldVersion
--- End Message ---